[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] condor_ssh_to_job

On 8/22/2013 12:57 PM, Dimitri Maziuk wrote:
On 08/22/2013 12:16 PM, Gabriel Mateescu wrote:
On Thu, Aug 22, 2013 at 10:06 AM, Dimitri Maziuk <dmaziuk@xxxxxxxxxxxxx> wrote:
On 08/22/2013 08:47 AM, Rich Pieri wrote:

My point was, if your job runs as nobody, the hoops you need to jump
through in order to ssh_to_job are not limited to /etc/shells. In fact,
it's may be worth adding a check to ssh_to_job: if job's euid == nobody
then echo "This won't work" and die. Because these days it most likely

That would be too drastic. However,
a more specific error message when
the job runs as nobody, e.g., "make
sure user nobody has a valid shell"
could help.

As I was saying: even if it did (which it shouldn't), *it still won't
work* on [at least] RedHat family of linux distros. Not without also
reconfiguring a bunch of other things.

Maybe it would be best to get rid of HTCondor's use of user "nobody" in the first place. To do so would require giving HTCondor a range of UIDs/GIDs upon installation which could then be used to setup slot users.... Wish there was a way to do this via an RPM/Deb install without having to prompt the user for a range; if anyone has ideas, please share!